Merge pull request #2 from OpenSIPS/master

Merge upstream OpenSIPS/master to fork

Makefile.defs

@@ -488,6 +488,8 @@ DBHTMLXSL=$(shell \
 		echo "/usr/share/xml/docbook/stylesheet/nwalsh/html/docbook.xsl"; \
 	elif [ -e /usr/share/sgml/docbook/xsl-stylesheets/xhtml/docbook.xsl ]; then \
 		echo "/usr/share/sgml/docbook/xsl-stylesheets/xhtml/docbook.xsl"; \
+	elif [ -e /usr/share/xml/docbook/xsl-stylesheets*/xhtml/docbook.xsl ]; then \
+		ls -1 /usr/share/xml/docbook/xsl-stylesheets*/xhtml/docbook.xsl; \
 	fi)
 DBXML2HTMLPARAMS = --stringparam section.autolabel 1
 DBXML2HTMLPARAMS += --stringparam section.label.includes.component.label 1

config.h

@@ -42,7 +42,7 @@
 #define MEM_WARMING_DEFAULT_PATTERN_FILE CFG_DIR "mem_warming_pattern"
 #define MEM_WARMING_DEFAULT_PERCENTAGE 75
 
-#define TLS_PKEY_FILE CFG_DIR "tls/cert.pem"
+#define TLS_PKEY_FILE CFG_DIR "tls/ckey.pem"
 #define TLS_CERT_FILE CFG_DIR "tls/cert.pem"
 #define TLS_CA_FILE 0 		/*!< no CA list file by default */
 #define TLS_CA_DIRECTORY      "/etc/pki/CA/"
@@ -115,9 +115,12 @@
 #define SRV_TLS_PREFIX "_sips._tcp."
 #define SRV_TLS_PREFIX_LEN (sizeof(SRV_TLS_PREFIX) - 1)
 
-#define SRV_WS_PREFIX "_sip._ws."
+#define SRV_WS_PREFIX "_ws._tcp."
 #define SRV_WS_PREFIX_LEN (sizeof(SRV_WS_PREFIX) - 1)
 
+#define SRV_WSS_PREFIX "_wss._tcp."
+#define SRV_WSS_PREFIX_LEN (sizeof(SRV_WSS_PREFIX) - 1)
+
 #define SRV_MAX_PREFIX_LEN SRV_TLS_PREFIX_LEN
 
 #ifdef HP_MALLOC

db/schema/opensips-tls_mgm.xml

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE database PUBLIC "-//opensips.org//DTD DBSchema V1.1//EN"
+  "http://opensips.org/pub/opensips/dbschema/dtd/1.1/dbschema.dtd" [
+
+  <!ENTITY % entities SYSTEM "entities.xml">
+  %entities;
+]>
+
+<database xmlns:xi="http://www.w3.org/2001/XInclude">
+    <name>TLS_MGM support</name>
+    <xi:include href="tls_mgm.xml"/>
+</database>

db/schema/pr_xcap.xml

@@ -46,6 +46,7 @@
         <name>doc</name>
         <type>binary</type>
         <description>doc</description>
+        <type db="mysql">LONGBLOB</type>
     </column>
 
     <column id="doc_type">

db/schema/tls_mgm.xml

@@ -0,0 +1,144 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE table PUBLIC "-//opensips.org//DTD DBSchema V1.1//EN" 
+  "http://opensips.org/pub/opensips/dbschema/dtd/1.1/dbschema.dtd" [
+
+<!ENTITY % entities SYSTEM "entities.xml">
+%entities;
+
+]>
+
+<table id="tls_mgm" xmlns:db="http://docbook.org/ns/docbook">
+    <name>tls_mgm</name>
+    <version>1</version>
+    <type db="mysql">&MYSQL_TABLE_TYPE;</type>
+    <description>
+        <db:para>This table is used for defining domains.
+        </db:para>
+    </description>
+
+    <column id="id">
+        <name>id</name>
+        <type>string</type>
+        <size>&id_len;</size>
+        <primary/>
+        <description>unique ID</description>
+    </column>
+
+    <column id="address">
+        <name>address</name>
+        <type>string</type>
+        <size>&domain_len;</size>
+        <description>network location, like: "ip:port" or "name"</description>
+    </column>
+
+    <column id="type">
+        <name>type</name>
+        <type>int</type>
+        <size>1</size>
+        <type db="dbtext">int</type>
+        <description>specifies the type of a domain : client domain(0) or server domain (1)</description>
+    </column>
+
+    <column id="method">
+        <name>method</name>
+        <type>string</type>
+        <size>&method_len;</size>
+        <null/>
+        <description>SSL method used by a certain domain</description>
+    </column>
+
+    <column id="verify_cert">
+        <name>verify_cert</name>
+        <type>int</type>
+        <size>1</size>
+        <type db="dbtext">int</type>
+        <null/>
+        <description>verify certificate: 0 - no, 1 - yes</description>
+    </column>
+
+    <column id="require_cert">
+        <name>require_cert</name>
+        <type>int</type>
+        <size>1</size>
+        <type db="dbtext">int</type>
+        <null/>
+        <description>require certificate: 0 - no, 1 - yes</description>
+    </column>
+
+    <column id="certificate">
+        <name>certificate</name>
+        <type>string</type>
+        <size>255</size>
+        <type db="dbtext">string</type>
+        <null/>
+        <description>certificate associated with a certain domain</description>
+    </column>
+
+    <column id="private_key">
+        <name>private_key</name>
+        <type>string</type>
+        <size>255</size>
+        <type db="dbtext">int</type>
+        <null/>
+        <description>private_key</description>
+    </column>
+
+    <column id="crl_check_all">
+        <name>crl_check_all</name>
+        <type>int</type>
+        <size>1</size>
+        <type db="dbtext">int</type>
+        <null/>
+        <description>check all crl: 0 -no, 1 - yes</description>
+    </column>
+
+    <column id="crl_dir">
+        <name>crl_dir</name>
+        <type>string</type>
+        <size>255</size>
+        <null/>
+        <description>crl directory</description>
+    </column>
+
+    <column id="ca_list">
+        <name>ca_list</name>
+        <type>string</type>
+        <size>255</size>
+        <null/>
+        <description>CA list</description>
+    </column>
+
+    <column id="ca_dir">
+        <name>ca_dir</name>
+        <type>string</type>
+        <size>255</size>
+        <null/>
+        <description>ca directory</description>
+    </column>
+
+    <column id="cipher_list">
+        <name>cipher_list</name>
+        <type>string</type>
+        <size>255</size>
+        <null/>
+        <description>the list of algorithms used for authentication and encryption allowed</description>
+    </column>
+
+    <column id="dh_params">
+        <name>dh_params</name>
+        <type>string</type>
+        <size>255</size>
+        <null/>
+        <description>specifies the Diffie-Hellmann parameters</description>
+    </column>
+
+    <column id="ec_curve">
+        <name>ec_curve</name>
+        <type>string</type>
+        <size>255</size>
+        <null/>
+        <description>specifies an elliptic curve which should be used for
+        ciphers which demand an elliptic curve</description>
+    </column>
+
+</table>

etc/tls/rootCA/private/cakey.pem

@@ -1,30 +1,27 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQISdeSNi3RFYMCAggA
-MBQGCCqGSIb3DQMHBAjrYTZBoHnJxwSCBMjMTyu/Bu9G35dbAynP7DHBhonSaZeq
-MJG7Dh1L5g0XsiYgSv3pGwHU/zL+912ic4DT0CC/l7ldiZuAzM95Ju1xQURRR8d3
-wYcCjQaga21NbQMP6kwYj/LTYKFLSkvKXWL22sJb00qKI8QXkN7F/uLQXhIv77+O
-bDGeO1p2cmVzApLYkBxkYcyXXWe2TVpB9DZMHmayOifp8JfrXTMn6yvtPW6geZo2
-V67waCimmP+kJbGmrWX+MYooc0c1AkbKW+rYk0sSuYO3hYaZ1aTTx/wL9F5qq585
-vWLaxNqcvfp+VS8SaC3SxT0qoNTGwLZfzGs8aAsfs2qw7REq0JslugV5ZrasEhwZ
-Auf8J8mMcvx/pB3zBVn3taoffjHYLKOPcYGGavdTtOHkGdEal/EqsN42AwJZ7Is5
-mXJBi2CdZdqacIBa/CFADX6E41rQrjq/ffRwKikk5fBybgo2o4mcCKmM8R+p3gGy
-KefqPqXIEfXpZW5djw76ht9zSh5EU+kSu21yLO75RG0pJnyQWtf7OPu0NL6YCkpZ
-3Db59esGSMzJwDbzeeCKSRyKzHQ7/A50RtwihA/175KAIWK7pBUpD2wjbv3CqNS2
-CHCCYXFp5AdXf00papvJTF0MChZ8eyxlagguJmZXCGCk2pAiJ8zodjuSMP/p9ZCz
-nIv1YoHYDUvkeMTqppRf/LfmmtK69skl5lzYJsZl1qfaFbPFW4bf42XEEuLVKJmo
-fw5ox/ehwPQseEfHRRcigBfiFE5NToWUeL3qKMyByCOPz1DSFP2o9QXFGUSSGebC
-0Ho0E74G+HdfWpi8kA41JibZwDzPLRVcgXD3FIPmNmKShONI63a84MBPSSrmVBHb
-CZucj4nmUNV+/sbq+DwGkVAf055WbQW/7hv1d3p3K4tm+/zPcnGzukDc+NT5Jqqu
-fMd1lps6NX5vA09jxkjXI0x7WN5mn2Wqrj1vPIjZGfvj0l9cBkf5w0J1nS1UUdEk
-hcvUHgSIhzlk1nf1+NUltBPDhs3DzNyp8dhkXEOVb0aTRGnBFmLKM9iFvPtwiThf
-frm54bYfQBQqRIXAmb4SqBuSy2f2gBOpq3kR4kSaRCBKZoAglf4rKPWTUmcUpmHS
-eHda8VDnD4QYTfSlthGccipaZKs/GVQS9vkIirhxrnkU90Tlzo+BoJ7jcY3t0v7T
-LNw/ggXXif0MTZboPt18eu4/lrCgyD+4a2NTkpw7YtLKrcumXjNAnf5iSan/adfz
-lMags8O9Y9OxBZAitLspcG6xEtgjqDIiTHcVwW/j1GbUcm6H4yVRf7ckGt1goIjD
-Tyk1WgUhJfEo81OCl3Nt2z0dKw79k/Sm6a6r1ag4cKyvTB+/s8flrVM7+eAyqZEB
-mmbH0j3VJNnMLvZreKElFFCVUkO5dRVS6tv/MYzkQ6N+iqpcE6hxj36gfxHgarVX
-pRJ2KSH49Oyk2nqzS7M3MBo6gtQhyra0CKLwajWId7dGP1LI43EviWc0U1Z3DvDI
-cNMRdxDWcPojj7klw/s8j/tb0L3Ru05VoDn999JqDkzq+kPTtgOqU03JUMneLgN9
-B2ZW5/brLHUrFI4FJchme2g7t8P6EUFq8Mhbb03CyI5mdf8MZ5idai3bhNSVxfjX
-lHE=
------END ENCRYPTED PRIVATE KEY-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA4uOc+XaK+nOSNAfvBAa6cEvf6auBLwjM6LYiezUXb415iN3K
+uZBILB1SRHwEd0oLaNIZ3Io6ADAj3mRldyqrOuyRzhN9Hznka3DNq+ECCIOG5nYR
+pFs1tZezmNRwI+963A4vg1PLc18+kBfj/clpGrQFNb37wIFyQwn48Bjlt0VltZXo
+ywbf6ZdR6iLKEkzuWgdXW/Gf08cYMvO8yVWMntzFhYXMxpT2smRO35CpnrqfZ9LH
+lWPVcNkaE72KiI1ChqkGwqUPjHuaXmPdkNkVAzWisL6tm5v9A6zSw5WC8sgUaRve
+3lnzJxo03o17E8kVBrMa1hWNuk+K/T06mjqj8wIDAQABAoIBAQDFTmsUBaKWaiqa
+VMvmFHPNdC4kZqDQ5jZLqRgTTPg0ajNmcnn5JR+ePWFtbOv1UM7bONqEjzAhObv3
+ihcyqkh91Xx2WTxWC2I4jMBO2D2MadTGVabB5w+t+16TaSqcFYYiF7P54MTsb8dY
+R25dJOnh7usY8T4dCnTzF5kEMqKR3IPRY5MNXoX4ittuBgLXMfY7MTtNMn+dSW6A
+b7D9NSESLeltggpC/smOVyQ6rIwQMdHP9ArRTzz1oHwoDGm5WbePAwABlGDE7pbu
+I44RXZ1xCSDWw0hEouOvZOcWN+89+WRsLrE6aQ4gH5mgWvu/UhfKhvjJIKaxbGOt
+bD4u2isBAoGBAP+ZDNHaCH89Rq4yEccdgdN/AvUwGmP6QltaYOj2vyleplZGtXn0
+kF4a6VF6nm8Re0ZbqDmw4YiY5DSc/7Kr0veg96VqjB+fnr7FLfJ9ua+Ls8gniK4z
+39hukeUFmUi5Yk04Mg0vs0Mmko6uKhmV0yqH8UDRir0gtMNhHM8LAlWVAoGBAOM+
+//E0nbKlDWxpSm58Y9bzkCQVNjAiyPYCjbfhE+FHC3nnFMfNO+EfBgvU/NXOFV3t
+PGbFfOrvZcuyNhLE/sfEg3W8DGvb1R1NV0hpUFhSGv/ooqtINLPzynoyj/eTDV4X
+rE9p01ol+/ZlVeMG4dUX2Gdik8yjSw2jh5KtuiFnAoGBAPUJWGXyngTFzPYBIFQA
+sM7+y+odhJ9mc6k6uv98VoWlrNe3kBFr6d+d8yJe6HbYjpNEGcG9FmqrENRz0xsK
+aQVndyNJQy6qCzketc7sw1BNITz40asYJjhKwGmMdYhn2ZroDevgV/4/g29v/wJq
+RXhXvW0Dtftc2I8akdDX4BQFAoGAP9l9tFoiTQWPJfzXiv+sVcMNpvXGyfOcH3NM
+OnQlT9DUaqYA8rq5rmE3I6/ucmx7GG8F36JxnNky8u7ZvqBXLe4LOdNichPMZ3VJ
+pvDgQFChgXHt8s5Q8Jb5NyhpxxgsU1m3coC7f8LYbry+SxGt9l/C0BmkiYUAG47t
+Est5VtUCgYEA7VRmzXQ7/PaJ8jxou2ODAJ/NLURgv3j5XkVvYUqEXMkViqQAhaTr
+RdxvM2G+YYt8MYT3qCNwjX/uT5ePw0PAh6ceaztbHrp5rUXzhc9EmT1e275KsykQ
+sp4s5TjNf5j5n97DW0oj1btmq85gb3KEROqMoKVNeDtoMnIQVsFZpAA=
+-----END RSA PRIVATE KEY-----

ip_addr.h

@@ -50,7 +50,8 @@
 #define BUFFER_INCREMENT	2048
 
 enum sip_protos { PROTO_NONE = 0, PROTO_FIRST = 1, PROTO_UDP = 1, \
-	PROTO_TCP, PROTO_TLS, PROTO_SCTP, PROTO_WS, PROTO_BIN, PROTO_OTHER };
+	PROTO_TCP, PROTO_TLS, PROTO_SCTP, PROTO_WS, PROTO_WSS, \
+	PROTO_BIN, PROTO_OTHER };
 #define PROTO_LAST PROTO_OTHER
 
 struct ip_addr{

modules/avpops/avpops.c

@@ -235,6 +235,23 @@ static int avpops_init(void)
 	domain_col.len = strlen(domain_col.s);
 
 	default_db_url = get_default_db_url();
+	if (default_db_url==NULL) {
+		if (db_default_url==NULL) {
+			LM_ERR("no DB URL provision into the module!\n");
+			return -1;
+		}
+		/* if nothing explicitly set as DB URL, add automatically
+		 * the default DB URL */
+		if (add_db_url(STR_PARAM, db_default_url)!=0) {
+			LM_ERR("failed to use the default DB URL!\n");
+			return -1;
+		}
+		default_db_url = get_default_db_url();
+		if (default_db_url==NULL) {
+			LM_BUG("Really ?!\n");
+			return -1;
+		}
+	}
 
 	/* bind to the DB module */
 	if (avpops_db_bind()<0)